The Latest in IT Security

Security Patches Released for IP.Gallery 4.2.1 and 5.0.5

16
Jan
2014

Invision Power Services has released patches to address a cross-site scripting (XSS) vulnerability in IP.Gallery 4.2.1 and 5.05.

The XSS security hole is related to Shockwave Flash (SWF) file uploads.

Because SWF files allow arbitrary script to execute within the context of the site they are hosted on, we are releasing a patch today which disables SWF files from being accepted by IP.Gallery by default, the advisory published by IPS reveals.

Comments are closed.

Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments